Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,692
Erlang
34
GitHub Actions
27
Go
2,279
Maven
5,000+
npm
3,931
NuGet
708
pip
3,699
Pub
12
RubyGems
919
Rust
957
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

978 advisories

Loading
The web management interface of Okcat Parking Management Platform from ZONG YU has an Arbitrary... Critical Unreviewed
CVE-2025-4556 was published May 12, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via... Critical Unreviewed
CVE-2025-46193 was published May 9, 2025
The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2025-4403 was published May 9, 2025
The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-11617 was published May 9, 2025
Grocery-CMS-PHP-Restful-API v1.3 is vulnerable to File Upload via /admin/add-category.php. Critical Unreviewed
CVE-2023-31585 was published May 8, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a... Critical Unreviewed
CVE-2025-47549 was published May 7, 2025
Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated... Critical Unreviewed
CVE-2025-40625 was published May 6, 2025
Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE)... Critical Unreviewed
CVE-2025-46616 was published Apr 25, 2025
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization,... Critical Unreviewed
CVE-2025-31324 was published Apr 24, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Angelo Mandato PowerPress... Critical Unreviewed
CVE-2025-46264 was published Apr 24, 2025
TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with... Critical Unreviewed
CVE-2025-43946 was published Apr 22, 2025
The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2021-4455 was published Apr 19, 2025
The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type... Critical Unreviewed
CVE-2025-1093 was published Apr 19, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw allows Using... Critical Unreviewed
CVE-2025-39436 was published Apr 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG Lite allows... Critical Unreviewed
CVE-2025-32682 was published Apr 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in JoomSky JS Job Manager allows... Critical Unreviewed
CVE-2025-32660 was published Apr 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in solacewp Solace Extra allows... Critical Unreviewed
CVE-2025-32652 was published Apr 17, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator... Critical Unreviewed
CVE-2025-27282 was published Apr 17, 2025
Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload... Critical Unreviewed
CVE-2024-40071 was published Apr 16, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Ben Ritner - Kadence WP Kadence... Critical Unreviewed
CVE-2025-39557 was published Apr 16, 2025
The Ready_ application's Profile section allows users to upload files of any type and extension... Critical Unreviewed
CVE-2025-1980 was published Apr 16, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in EPC AI Hub allows Upload a Web... Critical Unreviewed
CVE-2025-26927 was published Apr 16, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts... Critical Unreviewed
CVE-2025-32579 was published Apr 11, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Brian Batt - elearningfreak.com... Critical Unreviewed
CVE-2025-32202 was published Apr 10, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in LABCAT Processing Projects... Critical Unreviewed
CVE-2025-32206 was published Apr 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database